forem Self Host Install issues – Failed to parse setup.yml

$ ansible-playbook -i inventory/forem/setup.yml playbooks/providers/aws.yml
[WARNING]:  * Failed to parse /var/home/core/selfhost/inventory/forem/setup.yml with ini plugin: Invalid host pattern '---' supplied, '---' is normally a sign this is
a YAML file.
[WARNING]:  * Failed to parse /var/home/core/selfhost/inventory/forem/setup.yml with yaml plugin: We were unable to read either as JSON nor YAML, these are the errors
we got from each: JSON: Expecting value: line 1 column 1 (char 0)  Syntax Error while loading YAML.   could not find expected ':'  The error appears to be in
'/var/home/core/selfhost/inventory/forem/setup.yml': line 85, column 11, but may be elsewhere in the file depending on the exact syntax problem.  The offending line
appears to be:            $ANSIBLE_VAULT;1.1;AES256           62376137383864393461613561353234643230666431643935303533346631393537363564366334           ^ here
[WARNING]: Unable to parse /var/home/core/selfhost/inventory/forem/setup.yml as an inventory source
[WARNING]: No inventory was parsed, only implicit localhost is available
[WARNING]: provided hosts list is empty, only localhost is available. Note that the implicit localhost does not match 'all'

PLAY [Deploy Forem to AWS] *********************************************************************************************************************************************
skipping: no hosts matched

PLAY RECAP *************************************************************************************************************************************************************

Solution: Two Space for Vault key

How to install pwgen in Linux all versions and Mac & Docker?

The pwgen program generates passwords which are designed to be easily memorized by humans, while being as secure as possible. Human-memorable passwords are never going to be as secure as completely completely random passwords. In particular, passwords generated by pwgen without the -s option should not be used in places where the password could be attacked via an off-line brute-force attack. On the other hand, completely randomly generated passwords have a tendency to be written down, and are subject to being compromised in that fashion.

The pwgen program is designed to be used both interactively, and in shell scripts. Hence, its default behavior differs depending on whether the standard output is a tty device or a pipe to another program. Used interactively, pwgen will display a screenful of passwords, allowing the user to pick a single password, and then quickly erase the screen. This prevents someone from being able to “shoulder surf” the user’s chosen password.

When standard output (stdout) is not a tty, pwgen will only generate one password, as this tends to be much more convenient for shell scripts, and in order to be compatible with previous versions of this program.

In addition, for backwards compatibility reasons, when stdout is not a tty and secure password generation mode has not been requested, pwgen will generate less secure passwords, as if the -0A options had been passed to it on the command line. This can be overriden using the -nc options. In the future, the behavior when stdout is a tty may change, so shell scripts using pwgen should explicitly specify the -nc or -0A options. The latter is not recommended for security reasons, since such passwords are far too easy to guess.

Debian		$ apt-get install pwgen
Ubuntu 		$ apt-get install pwgen
Alpine		$ apk add pwgen
Arch Linux	$ pacman -S pwgen
Kali Linux	$ apt-get install pwgen
Fedora		$ dnf install pwgen
OS X		$ brew install pwgen
Raspbian	$ apt-get install pwgen
Docker		$ docker run cmd.cat/pwgen pwgen

How to install pwgen in Fedora CoreOS?

[core@ip-172-31-9-59 selfhost]-bash: pwgen: command not found


$ sudo rpm-ostree install pwgen
Checking out tree 252fffd... done
Enabled rpm-md repositories: fedora-cisco-openh264 updates fedora updates-archive
rpm-md repo 'fedora-cisco-openh264' (cached); generated: 2021-02-23T00:49:00Z
rpm-md repo 'updates' (cached); generated: 2021-07-17T01:33:35Z
rpm-md repo 'fedora' (cached); generated: 2021-04-23T10:47:57Z
rpm-md repo 'updates-archive' (cached); generated: 2021-07-17T02:03:41Z
Importing rpm-md... done
Resolving dependencies... done
Will download: 1 package (29.1?kB)
Downloading from 'fedora'... done
Importing packages... done
Checking out packages... done
Running pre scripts... done
Running post scripts... done
Running posttrans scripts... done
Writing rpmdb... done
Writing OSTree commit... done
Staging deployment... done
Added:
  pwgen-2.08-6.fc34.x86_64
Run "systemctl reboot" to start a reboot

$ sudo systemctl reboot

$ pwgen
eex8ieKi ouF5yeeN Meyio1ee Jie8is5a rahTh3th Ooyui3Az Eish8aig Shae5Quo
yauz6eYe dimaeC1f oaz2aGhi moo7Ikah ohW8te1f eot0wieR oFie8Tai Phuju7vi
yah7Fa9i aeLee1th Oido9quu guTei7mo Xa4Eeciz ahphee7A muWa3ooR ooGua4ch
OoBah3La Noob3Wai Xi0joos7 Ea6oxeit ziwu0ohG Wei4zees Igh7eish Li6eu4fa
quoo1Cee xoo6Kei6 phiem5Ah io6TooG6 waeGhai1 ohb3Ahne eiNi8Iel Airaih8G
dooThee6 Ie9seif5 Ohsh6aih Chie2eex IeGhie0l ke6Ang2g Shee3rus ad1pheeK
ojaiX4ah eiL4iesh OhfeiV4P ba3aeGh8 kop3ahJa eneiDu4n Yeeth0ve Deek8pai
biW2Thoh de0Uimoh uf9ahLae raeNo5uL eiNg6Ue4 YeB7ejik ahmi3ooT che9io6I
eeF3peez Aedig1ah thoh3uiT Aelieru3 OhCae3mi quauSh5N es6ahSoh eeChaiw3
eiFe6ief Xah6ohJu eiTae1ie ohS3oogo Ohtayi2i ahKaa0oh Eegh5iek Sheij5fa
pae9duP1 ohJahch5 ohd5rieG eemee5Gu Aepuoqu1 eemieT7e johXu0ve eeBah6mu
phei2Eev mah3Zei1 eu9eR5ie oohaeL7b auPoo5Th quaec6Eu chi4Oonu Iu5oc6xo
usi8Vah9 Aeng5za9 uaC2eshu Et2sha4w Sacongo6 IeGhe3ul ooChahS4 ze1Ier5i
hae3waNa he9Oj5ee auzoh0Ee xaeK3cee xahvei7L aedei1Ga Oob9dumo jieCh0lo
Chu9shi1 oS7eiYoh roh7Quie Voh0eeg5 Ixa6naMa Aelacei0 aiweiX8a ohZouW4E
Ini1saeh Aa1queiz shi1JoGh Fie7Qua0 Iey9ceiv ohcai3Ee Jesh2iev zaeg3ieP
Douso3we Sai2taro Jee3vahb meohooJ5 Wiaghie1 pheiWei6 quie3Pho aigh9Bua
oojie3Ie shah0iXi eite0aeX soh0iF7e aiMooR3a aequ6Che ChieQu9r eeV5chob
Aey9aiha AiLuey4t oof6quaN ahSohJ1g sheiH6oo eepheiX9 Udee4sha quo9loFe
Kah9uupa kaepeiB4 thah4Xuj Libeiy3n Eengahb9 Eephu2he hohda4Th Sairah2i

Prerequisite Install and Configure of Forem Self-Host setup

How to install python3 on Fedora CoreOS?

How to Install Python on Coreos?

How to install ansible on fedora coreos?

How to install ansible on fedora coreos?

How to install Python in Fedora Coreos?

Prerequisites: Installing pip

$ curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py
$ python get-pip.py --user

Installing Ansible with pip

# Once pip is installed, you can install Ansible 1:
$ python -m pip install --user ansible

# In order to use the paramiko connection plugin or modules that require paramiko, install the required module 2:
$ python -m pip install --user paramiko

# If you wish to install Ansible globally, run the following commands:
$ sudo python get-pip.py
$ sudo python -m pip install ansible

How to Install Python on Coreos?

Python2

wget -qO- https://raw.githubusercontent.com/judexzhu/Install-Python-on-CoreOs/master/install-python.sh | sudo bash

Python3

wget -qO- https://raw.githubusercontent.com/judexzhu/Install-Python-on-CoreOs/master/install-python3.sh | sudo bash

$ rpm-ostree install python
$ systemctl reboot


cat > ~/.bashrc << EOF
export PATH=$PATH:/opt/bin
EOF

How to install python3 on Fedora CoreOS?

$ sudo rpm-ostree install python3
$ sudo systemctl reboot
$ which python
/usr/bin/python
$ python --version
Python 3.9.6

$ rpm-ostree status
State: idle
AutomaticUpdatesDriver: Zincati
  DriverState: active; periodically polling for updates (last checked Sat 2021-07-17 21:57:05 UTC)
Deployments:
* ostree://fedora:fedora/x86_64/coreos/stable
                   Version: 34.20210626.3.1 (2021-07-14T14:49:01Z)
                BaseCommit: 252fffde6f56d183a3c51c05a0c602b61011f6cb4de23a58313ba3b0023dc360
              GPGSignature: Valid signature by 8C5BA6990BDB26E19F2A1A801161AE6945719A39
           LayeredPackages: python3

  ostree://fedora:fedora/x86_64/coreos/stable
                   Version: 34.20210626.3.1 (2021-07-14T14:49:01Z)
                    Commit: 252fffde6f56d183a3c51c05a0c602b61011f6cb4de23a58313ba3b0023dc360
              GPGSignature: Valid signature by 8C5BA6990BDB26E19F2A1A801161AE6945719A39

Login Issues with Fedora CoreOs using Fedora user in AWS

$ ssh -i "Debug.pem" fedora@10.5.5.4
fedora@10.5.5.4: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

AWS
stable
Regions
- Region: ap-south-1
Release: 34.20210626.3.1
Image: ami-0de887f898b8b9edf

Solution

$ ssh -i "Debug.pem" core@10.5.5.4


# Default user in Fedora CoreOs is core instead of fedora but AWS wrongly display that information.

Once the VM has finished booting, its IP addresses will appear on the serial console. By design, there are no hard-coded default credentials.

If you set up an SSH key for the default core user, you can SSH into the VM and explore the OS:

ssh core@<ip address>